Processing activity masking in a data processing system

ABSTRACT

Apparatus for processing data under control of data processing instructions specifying data processing operations, said apparatus comprising: a first execution mechanism operable to execute a first set of data processing instructions; a second execution mechanism operable to execute a second set of data processing instructions, said first set of data processing instructions overlapping with said second set of data processing instructions such that one or more data processing instructions are executable by either said first execution mechanism or said second execution mechanism; and an execution mechanism selector operable to pseudo randomly selected either said first execution mechanism or said second execution mechanism to execute one or more data processing instructions that are executable by either said first execution mechanism or said second execution mechanism.

This invention relates to the field of data processing systems. Moreparticularly, this invention relates to the masking of processingactivity within data processing systems, for example, in order toincrease security.

It is know to provide data processing systems which manipulate securedata and for which it is desirable to ensure a high degree of security.As an example, it is known to provide smart cards which include a dataprocessing system which manipulates secure data, such as secretcryptographic keys, and this data must be kept secret in order toprevent fraud.

Known ways of attacking the security of such systems include timinganalysis and power analysis. By observing the timing behaviour and/orthe power consumption behaviour of such a system in response to inputs,information concerning the processing being performed and the data beingmanipulated can be determined in a way that can compromise security. Itis strongly advantageous to provide resistance against such securityattacks.

SONG S P ET AL: “THE POWER PC 604 RISC MICROPROCESSOR”IEEE MICRO, IEEEINC. NEW YORK, US, vol. 14, no. 5, 1 Oct. 1994 (1994-10-01) pages 8-17,ISSN: 0272-1732 discloses a processor with multiple integer executionunits to which integer instructions may be dispatched depending uponavailability.

Viewed from one aspect the present invention provides apparatus forprocessing data under control of data processing instructions specifyingdata processing operations, said apparatus comprising:

a first execution mechanism operable to execute a first set of dataprocessing instructions;

a second execution mechanism operable to execute a second set of dataprocessing instructions, said first set of data processing instructionsoverlapping with said second set of data processing instructions suchthat one or more data processing instructions are executable by eithersaid first execution mechanism or said second execution mechanism; and

an execution mechanism selector operable to pseudo randomly selectedeither said first execution mechanism or said second execution mechanismto execute one or more data processing instructions that are executableby either said first execution mechanism or said second executionmechanism; wherein said execution mechanism selector is controlled by apseudo random execution mechanism selecting signal generated by a pseudorandom signal generator.

The invention recognises that within a system having at least someinstructions of an instruction set which may be executed by more thanone execution mechanism, the power signature and other characteristicsassociated with those instructions can be masked by pseudo randomlyselecting different execution mechanisms for the instructions. As anexample, if an instruction may be either executed natively by dedicatedhardware or emulated by other software running on the hardware, thenthis technique pseudo randomly switches between these mechanisms. Aswell as disguising the power signature associated with the execution ofthe instruction, the timing of the execution is also markedly altered.

In preferred embodiments of the invention the processing behaviour isfurther obscured in an advantageous manner when the processing behaviourthat is associated with an instruction is altered depending upon whichexecution mechanism was used for the preceding instruction. An exampleof a reason this might occur, depending upon the previous executionmechanism used a particular data or other value may or may not be cachedsuch that the characteristics associated with the execution of thepresent instruction are varied depending upon whether the value is ornot cached.

Whilst it is possible to use the present technique when only some of theinstructions to be executed are capable of execution by differentexecution mechanisms, the implementation of the invention isadvantageously simplified when all of the instructions to be executedmay be executed by either execution mechanism. Thus, the switchingbetween execution mechanism does not need to take account of theparticular instruction concerned.

Particular preferred embodiments which show strongly differentcharacteristics associated with the execution of instructions are onesin which in a first execution mechanism the instruction is executed as anative instruction by hardware and in a second mechanism is emulated bysoftware. Native hardware execution will typically be fast and consumelittle power, where as software emulation will be relatively slow andconsumes more power.

Whilst it is possible that the execution mechanisms may be completelyindependent of one another, it is also possible they overlap to somedegree. In preferred embodiments of the invention one of the executionmechanisms is software emulation and the other execution mechanism isnative hardware based execution of simple instructions with softwareemulation of more complex instructions. The software emulation of themore complex instructions can be by shared software used by bothexecution mechanisms.

Whilst the instructions that may be subject to the different mechanismscould take a wide variety of different forms, the invention isparticularly well suited to instructions associated with a virtualmachine environment, such as, for example, Java bytecodes. In thiscontext, the first execution mechanism may be native hardware executionof at least some of the Java bytecodes with other Java bytecodes beingsoftware emulated with a second execution mechanism that is softwareemulation of all of the Java bytecodes.

Whilst the present technique is applicable to a variety of dataprocessing systems, such as microprocessor based systems, digital signalprocessing systems and the like, it is particularly well suited tosystems including a processor core executing program instructions and towhich a pseudo random signal is input to select between differentexecution mechanisms, which includes more than one execution mechanismfor at least some instructions.

In order to mask the execution characteristics of instructions fromexternal observation a pseudo random selection can then be made as tothe execution mechanism used for such instructions. The instructions maybe Java bytecodes and a selection may be made between an executionmechanism that is mixed native hardware execution and software emulationand an execution mechanism that is entirely software emulation.

The pseudo random selection of the execution mechanism may beselectively enabled and disabled by a system configuring parameter suchthat use of the most efficient execution mechanism may be forced whenefficience is more important than security.

Embodiments of the invention will now be described, by way of exampleonly, with reference to the accompanying drawings in which:

FIG. 1 schematically illustrates a data processing system operable in afixed timing mode and a variable timing mode;

FIG. 2 schematically illustrates a conditional programming instruction;

FIG. 3 is a flow diagram schematically illustrating part of theprocessing operations performed by an instruction decoder operating inaccordance with the present techniques;

FIG. 4 schematically illustrates the execution of a conditional branchinstruction in a fixed timing mode;

FIG. 5 is a diagram schematically illustrating a data processing systemincluding multiple circuit portions which may be selectively enabled toperform required processing operations or dummy processing operations;

FIG. 6 schematically illustrates a circuit portion and its associateddummy activity enabling circuit which may be responsive to both requiredenable signals and random dummy activity enable signals;

FIG. 7 schematically illustrates a linear shift back feed register whichmay be used as a pseudo-random signal generator:

FIG. 8 is a flow diagram schematically illustrating control of a circuitportion to perform required processing activity and dummy processingactivity;

FIG. 9 schematically illustrates a portion of a register bank includingmultiple data processing registers, multiple dummy registers, multipleshared dummy registers and a non-mapped trash register RT to which adummy register write is made when a conditional write operation failsits condition codes;

FIG. 10 is a flow diagram schematically illustrating a register writecontrolling circuit which seeks to balance the number of high to low andlow to high transitions occurring when a register write occurs;

FIG. 11 is a table illustrating the relationships between bittransitions for a particular bit within the data register and threefurther registers which are configured to balance the high to low andlow to high transitions occurring in association with a register writet;

FIG. 12 is a flow diagram schematically illustrating control of writingto a trash register on a condition code fail of a write operation;

FIG. 13 is a diagram schematically illustrating a system having multipleexecution mechanisms for an instruction and pseudo random selection ofthe execution mechanism employed for at least some instructions; and

FIG. 14 is a flow diagram schematically illustrating control of thesystem of FIG. 13.

FIG. 1 illustrates a data processing system 2 including a processor core4, a coprocessor 6 and a memory 8.

In operation, the processor core 4 fetches instructions and data fromthe memory 8. The instructions are fed to an instruction pipeline 10where they occupy successive pipeline stages such as, for example,fetch, decode, execute, memory and write back on successive processingcycles. Pipelined processors are in themselves well known as a way ofeffectively executing a number of program instructions in a partiallyoverlapping fashion in order to improve processor performance.

The data values read from the memory 8 by the processor core 4 aresupplied to a register bank 12 from where they may be manipulated underprogram instruction control using one or more of a multiplier 14, ashifter 16 and an adder 18. Other data manipulating circuits may beprovided, such as circuits performing logical operations, such as ANDs,Ors, count leading zeros etc.

FIG. 1 also illustrates an instruction decoder 20 within the processorcore 4 which is responsive to a program instruction within theinstruction pipeline 10 to generate execution control signals that areapplied to the various processing elements, such as the register bank12, the multiplier 14, the shifter 16 and the adder 18 in order tocontrol the data processing operations performed. As an example, thecontrol signals generated by the decoder 20 may cause the appropriateoperands to be read from the register bank 12 and supplied and actedupon by the appropriate ones of the multiplier 14, the shifter 16 andthe adder 18 so as to generate a result which is written back into theregister bank 12.

The coprocessor 6 is a system configuration coprocessor containing anumber of configuration registers 22 which may be written under programcontrol to set up configuration controlling parameters. Theseconfiguration controlling parameters can specify many aspects of theconfiguration of the processing system 2, such as for example theendianess and the like. Included within one of these configurationcontrolling registers 22 is a bit which specifies whether or not theprocessor core should operate in a fixed timing mode or a variabletiming mode. This bit is illustrated as being supplied as an input tothe instruction decoder 20, but it will be appreciated that this bit mayalso be supplied to various other points within the processor core 4 asrequired to control their behaviour. In dependence upon thisfixed/variable bit, the processor core 4 operates in either a fixedtiming mode or a variable timing mode. When in the fixed timing mode atleast one program instruction which has a variable timing (i.e. takes avariable number of processing cycles to complete) in the variable timingmode, is instead forced to have a fixed timing (e.g. take the maximumpossible number of processing cycles to complete irrespective of whetheror not it could have been suppressed in its entirety or completed inless than the maximum number of processing cycles. As the instructiondecoder 20 is primarily responsible for decoding the programinstructions and instructing the activity of the other elements of theprocessor core 4, the instruction decoder 20 can take the major role incontrolling the processor core 4 to either operate in the fixed timingmode or the variable timing mode. Not all variable timing instructionneed be provided with a fixed timing mode type of operation.

It will be appreciated that in the above description a single bit in theconfiguration controlling register 22 is shown as switching betweenfixed and variable timing modes. Alternatively, multiple bits within theconfiguration controlling register 22 may be provided to separatelyenable and disable the fixed or variable timing behaviour of differenttypes of instruction, such as conditional instruction behaviour, uniformbranch behaviour, disabling early terminate, etc.

FIG. 2 schematically illustrates a conditional instruction 24. Thisconditional instruction may be part of an instruction set which includesonly some conditional instructions or part of an instruction set, suchas the ARM instruction set, which is substantially fully conditional.The condition codes 26 encode a set of processor state conditions inwhich the associated instruction either will or will not be executed. Asan example, the condition codes 26 can be arranged to specify that theinstruction 24 will not execute if the condition codes currently set inthe system indicate a zero result, a carry has occurred, an overflow hasoccurred or the like. This type of instruction can be utilised toprovide efficient program coding. The fixed/variable bit at leastpartially suppresses the conditional behaviour in that the instructionwill execute irrespective of its condition codes, but may not write itsresult in a way that has an effect upon the processor state.

FIG. 3 is a flow diagram schematically illustrating part of theprocessing operations performed by the instruction decoder 20. It willbe appreciated that FIG. 3 illustrates these processing operations as alogical sequence, whereas in practice these processing operations may beperformed at least partially in parallel or in a different order.

At step 28, the instruction decoder 20 waits for a new instruction toexecute. When a new instruction is received processing proceeds to step30 at which the condition codes associated with the new instruction areread. At step 32 these condition codes are compared with the currentlyexisting condition codes in the system. These condition codes currentlyexisting in the system are the result of previous processing activity,either in the immediately preceding instruction or in the lastinstruction which would have updated those condition codes.

At step 34, a check is made for a match between the condition codes 26of the current instruction being executed and the existing conditioncodes. If a match does not occur, then processing proceeds to step 36where execution of the current instruction is started. It will beappreciated that FIG. 3 illustrates a system in which execution occurswhen a match does not occur, but alternative embodiments could equallywell be ones in which execution occurs when a match occurs.

Following step 36, processing proceeds to step 38 where a check is madeas to whether or not early termination of the instruction is possible.This early termination may, for example, be because one of the operandshas a particular value, such as zero or unity, or on subsequentprocessing cycles that a particular partial result has been produced. Ifearly termination is possible, then processing proceeds to step 40 wherea check is made as to whether or not the processor core 4 is currentlyoperating in the fixed or variable timing mode. If the processor is inthe variable timing mode, then processing proceeds to step 42 and theinstruction concerned is early terminated with the result being returnedas appropriate and processing returns to step 28.

If the determination at step 40 is that the system is in the fixedtiming mode, then processing proceeds to step 44 irrespective of thefact that early termination is possible. Step 44, which may also bereached by a determination at step 38 that early termination is notpossible, executes the instruction concerned for one processing cycle.In the case of a multicycle processing instruction, such as amultiplication, a divide, an add or a subtraction, these typically takeseveral cycles to execute and so after step 44 processing proceeds tostep 46 at which a determination is made as to whether or not themaximum number of cycles associated with that instruction has yet beenperformed. If the maximum number of cycles has been performed, then theresult will have been generated. If early termination was possible andthe system was being forced to continue to execute for furtherprocessing cycles, then step 46 will still indicate that this forcedexecution should cease when the maximum possible number of processingcycles for that type of instruction has been reached. If the maximumnumber of processing cycles has not yet been performed, then processingis returned to step 38.

If the match tested for at step 34 was positive, then processingproceeds to step 48. In this example, the positive detection of a matchat step 34 indicates that execution of the particular instruction shouldbe suppressed. Step 48 determines whether or not the system is currentlyin the forced execution mode. If in the forced execution mode, thenprocessing proceeds to step 50 where a forced dummy execution of theinstruction will occur. When dummy execution is performed the result iswritten to a trash register (see trash register 51 in FIG. 1), ratherthan the destination specified in the instruction itself so as toprevent the state of the system being modified by a program instructionwhich should not have executed as it should have been suppressed whilstalso keeping a substantially unaltered power consumption. If at step 48the determination is that the system is not in the forced execution modebut is in the variable timing mode, then processing bypasses step 50 andreturns to step 28 with the program instruction being suppressed in thenormal way.

It will be appreciated that FIG. 3 illustrates a generic system in whichdummy execution is applied to all condition code failed instructions andall early termination of instructions is suppressed. In practice, it isalso possible for these techniques to be applied to a subset ofconditional instructions and instructions capable of early termination.The multiple configuration controlling bits mentioned above could beused to selectively turn on features such as early terminatesuppression, but not others, such as dummy execution following acondition code fail.

FIG. 4 schematically illustrates the execution of a conditional branchinstruction in the fixed timing mode. A sequence of instructions AB areexecuted until a conditional branch instruction BEQ (branch upon equal)is reached. This instruction encodes the behaviour that the specifiedbranch will be performed if the flag indicating an equal result fromprevious processing is set and will be suppressed if this flag is notset. When the condition codes are passed, i.e. a condition code match,then the branch is taken and processing proceeds to instructions X, Y,etc. If the condition codes fail, then instead of being suppressed inits entirety, the BEQ instruction performs a branch to the immediatelyfollowing instruction C. This is the same instruction which would havebeen reached if the BEQ instruction had been suppressed and not executedat all. However, in the fixed timing mode, the BEQ will have executedconsuming the same number of processing cycles irrespective of whetheror not the condition codes were passed or failed. This helps obscure theresults of data processing operations previously performed from a persontrying to gain access to secure data.

FIG. 5 schematically illustrates a data processing system 52 in the formof a programmable processor core which responds to program instructionsI and manipulates data D. The data processing system 52 includes aregister bank 54, a multiplier 56, a shifter 58, an adder 60, andarithmetic logic unit 62, a load store unit 64, a data pipeline 66, andinstruction decoder 68 and a random clock gating circuit 70. A systemconfiguration coprocessor CP15 72 is coupled to the processor core. Thesystem configuration coprocessor 72 includes a system configurationregister 74 holding multiple flag values which respectively serve toenable or disable the pseudo random dummy activity of different circuitportions of the data processing system 52. It will be appreciated thatthe data processing system 52 will typically include many more circuitelements, but these have been omitted for the sake of clarity from FIG.5.

Associated with the multiplier 56 is a dummy activity enable circuit 76which serves to enable dummy activity in the multiplier 56 asappropriate or alternatively pass the required activity enable signalsto activate the multiplier 56 when the program instruction beingexecuted so requires. Similar dummy activity enables circuits 78, 80,82, 84 are associated with the respective other circuit portions 58, 60,62, 64 previously mentioned.

In operation, instructions to be executed are to be passed to theinstruction pipeline 66 and on to the instruction decoder 68 to generateinstruction driven enable signals which are applied to respectivecircuit portions. These enable signal serve to select the data paththrough the data processing system 52 and to activate the circuitportions concerned to read their inputs, to perform the specifiedprocessing and to generate their associated output signals. As anexample, a multiplier-accumulate operation might read data values fromthe register bank 54, apply these to the multiplier 56 and adder 60 andthen write back the result to the register bank 54. Thus, the registerbank 54, the multiplier 56 and the adder 60 would all be subject torequired activity enable signals which both enabled their operation andselected them to form a complete data path. The different circuitportions have different power consumption characteristics and timingcharacteristics such that external observation could reveal whichinstruction were being executed by observing such parameters.Accordingly, pseudo random dummy activity of the other circuit portionsnot required for the instruction being executed is also enabled. Thus,even though the shifter 58 may not being used by the particularmultiplier accumulate instruction being executed, it may nevertheless bepseudo randomly enabled such that it will consume power by shiftingwhatever value is applied to its input. Its output latches will not beenabled to avoid this dummy activity altering the circuit state anundesired way which may interfere with required operation e.g somecircuit portions might assume persistence of output values. The dummyactivity is enabled for time periods matching the normal operationtimings for the circuit portions concerned.

The random clock gating circuit 70 serves to receive a plurality ofpseudo random enable signals for different respective circuit portionsand gate these for applying to respective circuit portions under thecontrol of configuration parameters read from the system configurationregister 74 within the system configuration coprocessor 72. Theseconfiguration flags may indicate that dummy activity should be enabledfor the shifter 58, ALU 62 and multiplier 56, but not for the adder 60or the load store unit 64. The different pseudo random enable signalsallow different pseudo random characteristics to be applied in a mannerthat can match these respective circuit portion concerned. As anexample, there may a different minimum enable time associated with thenormal timing of the different circuit portions.

At an overall level, it will be seen that the instruction decoder 68will serve as a required activity enabling circuit which will enable thecircuit portions required to perform the data processing operationspecified by the instruction currently being executed superimposed uponthis required activity, various dummy activities within the othercircuit portions will be enabled/stimulated by the dummy activitycontrol circuitry provided in various places in the rest of the dataprocessing system 52. The dummy activity serves to mask the powerconsumption and timing characteristics associated with the requiredactivity.

FIG. 6 schematically illustrates a circuit portion 86 which may besubject to both a required enable signal en and a dummy enable signalrnd. This circuit portion 86 can be considered as a sequence of latchesbetween which processing logic manipulates data values. When genuinerequired activity is necessary, all of the latches that provide a datapath through the circuit portion 86 are enabled and the requiredprocessing will be performed between the input latches and the outputlatches. When dummy activity is instructed, then only the input latchesand the intermediate latches are enabled. Thus, a data path is notprovided through the full circuit portion and the output valuesgenerated by that circuit portion are not altered.

FIG. 7 illustrates a linear feedback shift register of the type whichmay be used to generate pseudo random clock signal. These clock signalscan be provided to the random clock dating circuit 72 of FIG. 5.Separate pseudo random signal generators may be provided for thedifferent circuit portions. The fixed clock frequency associated withthe different pseudo random generators may be altered so as to match thecharacteristics of the circuit portion concerned and further obscure themasking operation as required.

FIG. 8 schematically illustrates the control of an enable signal for acircuit portion. At step 88 a determination is made as to whether or notan enable signal en has been received from the instruction decoder 68.If such an enable signal has been received, then processing passes tostep 90. An enable signal from the instruction decoder 68 indicates thatrequired processing operation is necessary in accordance with a genuineprogram instruction being decoded. Thus, step 90 enables the input,output and clock signal to the circuit portion concerned. If at step 88no enable signal en is received from the instruction decoder, thenprocessing passes to step 92 where a determination is made as to whetheror not dummy operation of that circuit portion is permitted. If dummyoperation is permitted, then processing proceeds to step 94 at which theinputs and clock to the circuit portion are enabled, but the outputsfrom the circuit portion are not enabled. The circuit portion thenundertakes dummy activity. If the determination at step 92 was thatdummy operation was not permitted, as indicated by the systemconfiguration parameter(s), then processing terminates by passing tostep 94.

It will be appreciated that the process illustrated in FIG. 8 is in theform of a sequential flow diagram. In practice, this control may beperformed in a different sequence and use circuit elements spreadthroughout the data processing system 52. The operations illustrated asbeing sequentially performed may in fact be performed in parallel or thecontrol functions modified. At an overall level an individual circuitportion will be enabled to perform its normal required operation inresponse to an appropriate program instruction and will be enabled toperform dummy activity when permitted by the associated configurationparameter.

FIG. 9 schematically illustrates a register bank 96. This register bankis based upon the ARM processor programmer's model for user modeoperation in accordance with processors designed by ARM Limited,Cambridge, England). In practice, further registers may be provided forother processor modes, but these have been omitted for the sake ofclarity. The normal data registers R0 to R15 are provided for holdingdata values. The registers R13, R14 and R11 typically serve to store theprogram counter value, the branch return address value and the stackpointer, which tend to be none security related data values.Accordingly, transition balancing upon data writes is not necessary forR13, R14 and R15. A trash register RT is provided within the registerbank 96 for use in association with conditional writes which fail theircondition codes thus, a conditional write instruction which fails itscondition code would not normally make any write. However, with thissystem such a failed conditional write instruction nevertheless writes adata value to the trash data register RT even though the condition codeshave failed. This masks any difference in power consumption or timingthat might be associated with condition code failure or condition codepassing of a conditional write operation. The trash data register RTdoes not appear in the programmer's model in a way that enables it to beaddressed with a register specifying operand within an instruction.

As well as the trash data register RT, further registers 98, 100 arealso provided for the purpose of balancing the high to low and low tohigh transitions. Dedicated dummy registers 98 are provided in respectof the data registers R0 to R12 as well as the trash data register RT.Shared dummy registers 100 are provided for storing an exclusive ORvalue as well as the inverse of the exclusive OR value in response toeach write to a data register subject to the transition balancingtechnique. A register write control circuit 102 serves to generate theappropriate data values to be written to the further registers 98, 100in response to a data value write to a data register. This symmetricwrite control is selectively enabled and disabled by an appropriatesystem configuring controlling flag signal from the system configuringcoprocessor 72.

FIG. 10 is a flow diagram schematically illustrating the operation ofthe register write control circuit 102. At step 104 the circuit waitsfor a register write operation to be instructed. Step 106 determineswhether this register write is to one of the data registers or the trashdata registers RT for which the symmetric write control system isapplied. If the register write is not to such a register, thenprocessing proceeds to step 108 and a simple write of the required datavalue X is made to one of the registers R13, R14 and R15.

If the register to which the write is being made is potentially subjectto symmetric register writing then step 110 serves to determine whetheror not this feature is currently enabled. If this feature is notcurrently enabled, then processing proceeds to step 108. If this featureis enabled, then processing proceeds to step 112.

At step 112, the register controls circuit calculates for each bitposition within the data value a value being the inverse exclusive OR ofthe current bit being written at that position and the previously storedbit at that position which is then exclusive Ored with the previouslystored dummy register value for that bit position (see FIG. 11). Theregister control circuit 102 also calculates the inverse of thedetermination as well the inverse of the bit being written as the datavalue to the data register. These values are calculated for all of thebits being written (e.g. 3 dummy ˜32-bit values).

At step 114 the data value is written to the data register in a similarmanner to step 108. At step 116 the three further values determined foreach bit position within the registers concerned are written to thethree further registers. Steps 114 and 116 take place simultaneously. Aswill be discussed in relation to FIG. 11, this results in a balancenumber of high to low and low to high transitions and thus powerconsumed.

FIG. 11 illustrates a table of possible bit values before and after adata write operation. The data value is being written to a register Rn,which is a register to which the symmetric write operation function isapplied. The values at time t and time t+1 are illustrated. The inverseof these values is simply determined. Each of the data registers subjectto this symmetric operation is provided with a dedicated dummy register98 which stores the inverse of the data value currently held in the dataregister.

The shared dummy registers 100 are indicated in FIG. 11 as registers Rd.For each bit position on within the shared dummy register Rd the newvalue to be written at that bit position when a data write occurs isdetermined by the function shown at the bottom of FIG. 11. This functionensures that when a change does not occur in the data value and theinverse of the data value, then a change is guaranteed to occur in thecorresponding bit within the shared dummy register and accordingly itsinverse. The table shows the changes in the shared dummy register valueswhich occur when the data value does not change and the shared values inthe dummy register values not changing when the data value does change.Thus, there is a guaranteed fixed number of transitions for every write,i.e. a balanced equal number of transitions high to low and low to high.

FIG. 13 is a flow diagram illustrating the action of the dummy dataregister RD to provide writes when a write operation fails its conditioncode(s). At step 118 the control logic waits for an instruction to bereceived. This control logic may be the instruction decoder 68 or otherlogic. Step 120 determines whether or not the instruction failed itscondition codes. If the instruction does not fail its condition code,then it is normally executed at step 122 and makes its write to theregister specified by the register operand within that instruction. Ifthe instruction does fail its condition codes, then processing proceedsto step 124 at which a determination is made as to whether or not dummydata register writes are enabled. If these are not enabled, thenprocessing terminates. If dummy data register writes are enabled, thenprocessing proceeds to step 126 at which a write of the data valuecalculated by the condition code failed instruction is written to thetrash data register RT even though the condition codes failed. Thisbalances the power consumption and timing irrespective of a conditioncode pass or a condition code fail. It will be appreciated that thetrash data register RT is also subject to the transition balancingmechanisms previously discussed.

FIG. 13 illustrates a data processing system 128 in which multipleinstruction execution mechanisms are provided for at least someinstructions. The data processing system 128 is one which supports thenative execution of at least some Java bytecode instructions. This typeof data processing system and native execution is described in publishedPCT Patent Application Number WO-A-02/29555. The disclosure of thispublished application as a whole and in respect of the native hardwareexecution and selective software emulation of more complex Javabytecodes in particular is incorporated here in by reference.

The Java bytecode decoder 130 may be selectively enabled and disabled byan input signal. When the Java bytecode decoder 130 is disabled areceived Java bytecode will trigger an exception which starts executionof software emulation code for handling Java bytecodes using the nativeARM Thumb instruction sets. This support code is stored within memory inarea 132 as illustrated. The Java bytecode program 134 is also storedwithin memory. When it is desired to obscure the nature of the Javaprogram execution, the Java bytecode decoder 130 may be subject to apseudo random signal which selectively enables and disables this elementso as to effectively switch the instruction execution mechanism for theJava bytecodes between a mixed hardware and emulation executionmechanism and a purely emulation mechanism. Configuration controllingvalues within a system configuration register 136 specify whether or notthe Java decoder 130 is present and whether or not random enabling anddisabling of this Java decode 130 is permitted.

FIG. 14 schematically illustrates the handling of a received Javabytecode. At step 138 a Java bytecode is received. Step 140 determineswhether or not the Java decoder 130 is enabled. The pseudo randomenabling and disabling of the Java decoder 130 effectively causes abranch to either step 142 at which the bytecode is always emulated or anattempt to execute the instruction in hardware at step 146. Thisobscures/masks the power signature associated with Java bytecodeexecution. If the determination at step 146 is that the particular Javabytecode concerned is not supported by the Java decoder 130, then thisJava bytecode will also be emulated in software at step 142. However, ifthe Java bytecode is supported in hardware, then it is executed inhardware at step 146.

1. Apparatus for processing data under control of data processinginstructions specifying data processing operations, said apparatuscomprising: a first execution mechanism (130) operable to execute afirst set of data processing instructions; a second execution mechanismoperable to execute a second set of data processing instructions, saidfirst set of data processing instructions overlapping with said secondset of data processing instructions such that one or more dataprocessing instructions are executable by either said first executionmechanism or said second execution mechanism; and an execution mechanismselector (140) operable to pseudo randomly selected either said firstexecution mechanism or said second execution mechanism to execute one ormore data processing instructions that are executable by either saidfirst execution mechanism or said second execution mechanism; whereinsaid execution mechanism selector is controlled by a pseudo randomexecution mechanism selecting signal (j2 ran) generated by a pseudorandom signal generator.
 2. Apparatus as claimed in claim 1, whereinsaid first execution mechanism and said second execution mechanism haveat least one different execution characteristic for at least one of saiddata processing instructions that are executable by either said firstexecution mechanism or said second execution mechanism.
 3. Apparatus asclaimed in claim 2, wherein said at least one different executioncharacteristic includes one or more of: time to execute said dataprocessing instruction; and power consumption when executing said dataprocessing instruction.
 4. Apparatus as claimed in claim 2, wherein atleast one execution characteristic of at least one data processinginstruction executed by one of said first execution mechanism or saidsecond execution mechanism varies in dependence upon whether a precedingdata processing instruction was executed with either said firstexecution mechanism or said second execution mechanism.
 5. Apparatus asclaimed in claim 1, wherein all of said data processing instructions areexecutable by either said first execution mechanism or said secondexecution mechanism.
 6. Apparatus as claimed in claim 1, wherein saidfirst execution mechanism is operable to execute some of said dataprocessing instructions as native instructions directly controlling dataprocessing hardware and remaining data processing instructions usingemulation software.
 7. Apparatus as claimed claim 1, wherein said secondexecution mechanism is operable to execute all of said data processinginstructions using emulation software.
 8. Apparatus as claimed in claim6, wherein said first execution mechanism and said second executionmechanism share at least some emulation software.
 9. Apparatus asclaimed in claim 1, wherein said data processing instructions are Javabytecode instructions.
 10. Apparatus as claimed in claim 9, wherein saidfirst execution mechanism includes native Java bytecode executionhardware and said second execution mechanism uses Java bytecodeemulation for all Java bytecodes.
 11. Apparatus as claimed in claim 1,comprising a processor core, said pseudo random execution mechanismselecting signal being an input to said processor core.
 12. Apparatus asclaimed in claim 1, wherein a system configuration parameter is operableto force said execution mechanism selector to select said firstexecution mechanism for all data processing instructions.
 13. Apparatusas claimed in claim 12, wherein said system configuration parameter isstored in a system configuration register.
 14. A method of processingdata under control of data processing instructions specifying dataprocessing operations, said method comprising the steps of: executing afirst set of data processing instructions with a first executionmechanism; executing a second set of data processing instructions with asecond execution mechanism, said first set of data processinginstructions overlapping with said second set of data processinginstructions such that one or more data processing instructions areexecutable by either said first execution mechanism or said secondexecution mechanism; and pseudo randomly selecting with an executionmechanism selector either said first execution mechanism or said secondexecution mechanism to execute one or more data processing instructionsthat are executable by either said first execution mechanism or saidsecond execution mechanism; wherein said execution mechanism selector iscontrolled by a pseudo random execution mechanism selecting signalgenerated by a pseudo random signal generator.
 15. A method as claimedin claim 14, wherein said first execution mechanism and said secondexecution mechanism have at least one different execution characteristicfor at least one of said data processing instructions that areexecutable by either said first execution mechanism or said secondexecution mechanism.
 16. A method as claimed in claim 15, wherein saidat least one different execution characteristic includes one or more of:time to execute said data processing instruction; and power consumptionwhen executing said data processing instruction.
 17. A method as claimedin claim 15, wherein at least one execution characteristic of at leastone data processing instruction executed by one of said first executionmechanism or said second execution mechanism varies in dependence uponwhether a preceding data processing instruction was executed with eithersaid first execution mechanism or said second execution mechanism.
 18. Amethod as claimed in claim 14, wherin all of said data processinginstructions are executable by either said first execution mechanism orsaid second execution mechanism.
 19. A method as claimed in claim 14,wherein said first execution mechanism is operable to execute some ofsaid data processing instructions as native instructions directlycontrolling data processing hardware and remaining data processinginstructions using emulation software.
 20. A method as claimed in claim14, wherein said second execution mechanism is operable to execute allof said data processing instructions using emulation software.
 21. Amethod as claimed in claim 19, wherein said first execution mechanismand said second execution mechanism share at least some emulationsoftware.
 22. A method as claimed in claim 14, wherein said dataprocessing instructions are Java bytecode instructions.
 23. A method asclaimed in claim 22, wherein said first execution mechanism includesnative Java bytecode execution hardware and said second executionmechanism uses Java bytecode emulation for all Java bytecodes,
 24. Amethod as claimed in claim 14, comprising a processor core, said pseudorandom execution mechanism selecting signal being an input to saidprocessor core.
 25. A method as claimed in claim 14, wherein a systemconfiguration parameter is operable to force said execution mechanismselector to select said first execution mechanism for all dataprocessing instructions.
 26. A method as claimed in claim 25, whereinsaid system configuration parameter is stored in a system configurationregister.